| ▲ | trueismywork 15 hours ago |
| What about OV? |
|
| ▲ | ekr____ 15 hours ago | parent | next [-] |
| It's never been clear to me what the rationale for OV was, as the UI wasn't even different like EV was. |
|
| ▲ | quesera 15 hours ago | parent | prev [-] |
| I've never seen (noticed) an OV cert in real life, and no business I've ever been responsible for pushed for OV over DV. It was always EV or "huh?" |
| |
| ▲ | bostik 15 hours ago | parent | next [-] | | I think I've seen one or two, and only because I noticed them as a weird callout in a $LARGE_FINANCE_INSTITUTION infosec bingo sheet. Of course I had to check that they really were running with OV certs. Some of the outfits in that space will be heavily hit by the shortening certificate max-lifetimes, and I do hope that the insurance companies at some point also stop demanding a cert rotation before 90 days to expiry. It's a weird feeling to redline a corporate insurance policy when their standard requirements are 15 years out of date. | | |
| ▲ | quesera 14 hours ago | parent | next [-] | | > when their standard requirements are 15 years out of date I swear half of my "compensating control" responses are just extended versions of "policy requirement is outdated or was always bad". | |
| ▲ | crote 11 hours ago | parent | prev [-] | | > I do hope that the insurance companies at some point also stop demanding a cert rotation before 90 days to expiry It's not like you have a lot of choices when certificates are only valid for 47 days in 2029! |
| |
| ▲ | Sesse__ 15 hours ago | parent | prev [-] | | Before LE, we did lots of OV (which you generally could get a couple of for free from somewhere). We had to dig up stuff like a heating bill, because evidently that is proof of organizational control to some people. |
|
